JDK-8163896 : Finalizing one key of a KeyPair invalidates the other key
  • Type: Bug
  • Component: security-libs
  • Sub-Component: java.security
  • Affected Version: 9
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • OS: windows
  • Submitted: 2016-08-11
  • Updated: 2019-04-27
  • Resolved: 2016-08-15
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 6 JDK 7 JDK 8 JDK 9
6u141Fixed 7u131Fixed 8u152Fixed 9 b133Fixed
Related Reports
Relates :  
Description
Here's the reproducer:
-------------------
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;

public class Main {

    public static void main(String[] args) throws Exception {
        KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA", "SunMSCAPI");
        KeyPair pair = generator.generateKeyPair();
        Key publicKey = pair.getPublic();

        pair = null;
        for (int i = 0; i < 1024; ++i) {
            System.gc();
        }

        publicKey.getEncoded(); // <<< throws KeyException: The parameter is incorrect
    }
}
-------------------

This is because when a KeyPair is created both keys share the same native handles.
Thus, when one of them is destroyed (i.e. finalized), the handles become invalid.
Comments
Example of the stack-trace, caused by this bug: ---------------------------------------------------- Exception in thread "main" java.security.ProviderException: java.security.KeyException: The parameter is incorrect. at sun.security.mscapi.RSAPublicKey.getModulus(RSAPublicKey.java:119) at sun.security.mscapi.RSAPublicKey.toString(RSAPublicKey.java:82) at SharedNativeHandles.lambda$main$0(SharedNativeHandles.java:45) at SharedNativeHandles.test(SharedNativeHandles.java:68) at SharedNativeHandles.main(SharedNativeHandles.java:49) Caused by: java.security.KeyException: The parameter is incorrect. at sun.security.mscapi.RSAPublicKey.getPublicKeyBlob(Native Method) at sun.security.mscapi.RSAPublicKey.getModulus(RSAPublicKey.java:115) ... 4 more
13-08-2016